Rated 4 out of 5 by Juan C. Sanchez Pignalosa Application Control should be able to be managed with users; however, we now have a protected, standardized network. Valuable Features:The web filter and the ATP (Advanced Threat Protection) are great and easy to manage, and the integrated WAF (Web Application Firewall) allows the administrator to seamlessly protect HTTP/S services without having to pay thousands of dollars. The just introduced Sandstorm system for protection, is awesome as well.Improvements to My Organization:Our datacenter cloud services such as email, and web services for internal and external use, had to be protected with different systems and the web services where left really unprotected, since we used an standard IPS/IDS to protect ourselves from web attacks (from the outside) which nowadays are really sophisticated. Also, we had to employ many work hours to have a protected, standardized network. With Sophos EndPoint and Sophos UTM, we simplified and also protected our network at the same time, with less work force.Room for Improvement:Sophos UTM has many improvements that I would suggest, but the main one is for the Application Control to be managed with users as well, and with timeframes (schedules) for the administrator to allow certain apps outside an specific timeframe, or vice versa.Use of Solution:We've been using Sophos UTM since 2012 as we were looking for an easy and robust network protection tool at the same timesolution. We're using it in conjunction with Sophos EPP.Deployment Issues:No issues encountered.Stability Issues:No issues encountered.Scalability Issues:The scalability is awesome as when you need the network protection systems to grow immediately, you just activate and license the exact same box, and configure it in cluster mode for Active-Active mode in Cluster/High Availability.Technical Support:This is where Sophos vendor outclasses every other vendor. They have grown so much throughout the last four to five years, but they have grown as well in their capability to attend support cases. We've had some really advanced cases, and we have never been forgotten or left behind.Previous Solutions:We used a commercial product, Untangle, with our own brand called Rhino Box. Untangle did not invest in the development of features as we expected, such as the adoption of IPSec VPNs (they had it but very limited), and IPv6. This was what made us do research for our SMB/Enterprise market offering. We tried out Sophos UTM (recently purchased as Astaro UTM) and it was really easy to deploy and came with Sophos Support, which is awesome.Initial Setup:The initial setup is straightforward. Sophos brand is well known in the market for being a unique and powerful tool that is simple to deploy and manage. This is what makes it different from any other vendors. The Sophos UTM, comes with a deployment "Wizard for Dummies" since it show the wizard at the initial setup, and in less than three minutes, you can have your box up and running. Also for Policies deployment, you are clicks away to customize your security settings.Implementation Team:We always deploy by ourselves, so that way we can test how the customer will see the initial implementation. Our main advice, is to read the manual, and follow the wizards that comes with each tool. Also, it is strongly recommended to have a professional firm contracted for the initial setup, and support, as we are, to can design, and help with any kind of implementation issues.ROI:The ROI is in 12-16 months, since with this kind of tool, we deliver the best of breed protection, and increment the focus of the end user, in being productive.Cost and Licensing Advice:I recommend you get the three year licenses, since Sophos offers three years for the price of two. I would also recommend that you acquire any Sophos Licensing with Professional Services added, that way, you'll have the best experience possible.Other Advice:They have supported our business venture since 2010, and will do for many years. We have studied closely the different product portfolio, and each one of them, are carefully developed.Disclaimer: My company has a business relationship with this vendor other than being a customer:We have been a Gold Partner since 2010. July 7, 2016

Rated 4 out of 5 by Karim Kronfli An Excellent Product, easy to understand for an experienced engineer The Sophos UTM products helped us manage and a global network of more than 20 sites.Their ability to firewall, filter and monitor network traffic and provide VPN connectivity really helped us day to day with such a complex network.We chose the product initially because the user interface was simple to understand and made sense without requiring a long training course for an experienced network engineer to utilise.Central Management is made easy with the Sophos UTM Manager which allows you to set configurations, see patch status and pull reports from all your estate.While the product was originally with Astaro the low end (1xx) units had serious reliability issues and support was extremely challenging to engage with. However, once Sophos took over their world class technical support teams soon brought responsiveness up to the level I would expect from a premium product. And the newer hardware is much better quality.The ability to have either software, hardware or virtual appliances allows excellent freedom of choice.High Availability is easy to configure and works really well, with options to have either active \ active or active \ passive depending on your needs and budget.The fact you can use the full product for Free at home is a wonderful idea for engineers to become more familiar with the product and keep their skills up to date.Disclaimer: I am a real user, and this review is based on my own experience and opinions. April 6, 2016

Rated 4 out of 5 by Gregory Ostapenko The reliability of the equipment makes it possible to provide stable connections but IPSEC site-to-site VPN connectivity needs to be improved. Valuable Features:* Reliability* Usability* Number of features that fully cover goals* Perfect support* Possibility to get “under the hood”Improvements to My Organization:The Sophos solution provides a branch to head office distributed network for a construction company across New Zealand, and the reliability of the equipment makes it possible to provide stable connections and is easy to implement and support.Room for Improvement:Would be great if it would be possible to improve IPSEC site-to-site VPN connectivity over slow/unstable internet connections.Use of Solution:This particular configuration has been in use for about two and a half years.Deployment Issues:No issues encountered.Stability Issues:Very rare cases of appliance lost admin password or web-service hangs.Scalability Issues:No issues encountered.Customer Service:Since I’m an engineer, I probably cannot evaluate this aspect, however as far as I know equipment order and upgrade was always fineTechnical Support:4.99 out of 5 – support is very helpful, only once there were misunderstanding about licensing and number of supported Sophos WAPs and that was resolved promptly and fully.Previous Solutions:For this project, the Sophos infrastructure has been planned and deployed from the start and there has been no need to change itInitial Setup:It's logically straightforward and the transparent interface made possible a quick deployment. However, a little time was needed to get familiarized with the interface.Implementation Team:It was implemented in house.Other Advice:Nothing is perfect, but with Sophos those are really small – sometimes it is incorrect firmware upgrade paths, or rare log in problems (device forgetting admin password). All those though can be fixed, there is plenty information in the Internet and support is usually awesome. Also, you need to plan the solution and costs involved, while having in mind potential growth of users/connections; e.g. creating virtual appliances and allocating resources (RAM, CPU, NICs) minding potential workload.Disclaimer: I am a real user, and this review is based on my own experience and opinions. May 27, 2015

Rated 4 out of 5 by ITSecAuditMgr089 It is full of options, but the web filtering engine needs to be improved. Valuable Features:They are all valuable, but the most valuable is the uplink balancing. This is very useful when dealing with more than one ISP, and the wireless capability for our guests.Improvements to My Organization:It's scalable and easy to manage.Room for Improvement:The web filtering engine needs to be improved as, sometimes, the service hangs for a while and restarts randomly. Alas, there was an issue with authorizing Lync traffic but it's all good now.Use of Solution:I've used it for eight years.Deployment Issues:No issues encountered.Stability Issues:Rarely.Scalability Issues:No issues encountered.Customer Service:It's good.Technical Support:It's acceptable because sometimes there are delays with answering our requests. We are using the regular support, so we don't have the ability to contact Sophos directly.Previous Solutions:We did, and we switched due to the costs and the functionalities.Initial Setup:It was very easy.Implementation Team:We used a vendor team to implement it.Other Advice:It's a nice product that is full of interesting options.Disclaimer: I am a real user, and this review is based on my own experience and opinions. May 19, 2015

Rated 4 out of 5 by DataDeptMgr674 As both a firewall and UTM it's perfect, however, sometimes with setting up the spam filters there is an issue. Valuable Features:As both a firewall and UTM it's perfect.Improvements to My Organization:As we are a solution provider and not product oriented, we give the best solution for our customers, with a good price. We are the number one company in the region, BTC, and operate in Egypt, Iraq, Jordan, Lebanon, and Saudi Arabia.Use of Solution:I have been using Astaro for seven years, from before it was acquired by Sophos. I'd rate the firewall as 8/10.Deployment Issues:Sometimes with setting up the spam filters, there is an issue.Scalability Issues:No issues encountered.Customer Service:For me, the customer satisfaction, and awareness, is the most important thing. I usually train all my clients on their chosen system.Technical Support:10/10.Previous Solutions:As we are a service provider, we offer various other products to our customer:* Astaro ASG* Avaya/Netscreen* Fortinet* HP Switches & WiFi* Juniper SSG* Juniper SRX 210 & 240* Juniper WXC* Sophos next generation SG, including RED, SG, and WiFi* Telindus Crocus E1QInitial Setup:For me, the installation and setup is simple. I work hard to do the simulation for the customer, and discuss all the requirements before implementation with the client.Implementation Team:In one project I implemented Sophos for was a bank. I had to involve the Sophos team as the client was asking for WAF in transparent mode with HTTPS inspection. They were 10/10.Other Solutions Considered:Prior to Sophos, it was mainly Juniper and Fortinet.Other Advice:Give us 10 minutes of your time, and we will show you the differences. When I do presentations, I give potential clients demo access to the solution(s) I am presenting.Disclaimer: I am a real user, and this review is based on my own experience and opinions. April 30, 2015

Rated 3 out of 5 by SuppEng352 RED appliances and APs make a difference, however, performance is suffering under high traffic usage. Valuable Features:I think the RED appliances and APs make a difference, and add value to Sophos. Also, it is easy to configure, robust and is a stable appliance. The licensing is great, because you don't have to pay the same license fee for a standby appliance.Improvements to My Organization:Actually, we were not used to firewalls in our organization, but I was working at a distributor previously so I had a chance to do many demos. The customers like its GUI because it's easy to manage and RED takes attention of the customer which has distributed locations like shops, cafes, fast food stores etc.Room for Improvement:They should have more powerful appliances. The appliances throughput and performance is suffering under high traffic usage. Also, I think they need better appliances for enterprise and high end customers.Use of Solution:I've used it for one year.Deployment Issues:Because we have local laws about logging, we had to get permission to develop a logging mechanism. Also, we had lots of requests to improve URL filtering categories.Stability Issues:I had an issue with transparent mode in a demo, but mostly it is a very stable appliance and software.Scalability Issues:Sophos has a sizing guide which is a great during the planning phase in ensuring you are getting the sizing right. I have used it many times when I preparing customer demands. I haven't had any problems yet.Customer Service:I was working with Sophos' Germany office, and they always supported me. It was really great working with them.Technical Support:They're 6/10. I had many cases, but they don't like to do a remote session immediately. To be honest, I have worked with better support teams from other vendors,.Initial Setup:It is very easy.Implementation Team:I implemented it but got help from the vendor when I got stuck wit something. They are great.Other Advice:It is great solution for customers who have small, branch offices. I would advise you get Sophos for distributed locations (with RED and APs).Disclaimer: I am a real user, and this review is based on my own experience and opinions. April 30, 2015

Rated 4 out of 5 by David Duff Comprehensive UTM Product, scale-able, fast, understandable user interface Valuable Features:Proven UTM technology, excellent security and threat management are valuable features. The fact that I can provide scalable solutions for a SoHo environment on a small appliance, run on my own PC/server or even a virtualized environment allows me to accommodate almost any business, regardless of size. The software works in the same way across all the models. I have managed all my clients via the Sophos UTM Manager, a centralized console. I am a MSP, so having a centralized system to managed and maintain all of my client UTM firewalls is just gravy.Customers appreciate the extensive built in reporting, rock solid IPS and security features. Coupled with a centralized Wireless and Remote Ethernet Device (RED) Device extends my service offerings. Lastly, the Total Protect bundle offers an affordable, comprehensive solution for the SMB market.Improvements to My Organization:Using the SUM (Sophos UTM Manager) Central Console, each client UTM is configured to report to my RMM and CRM system for monitoring, SLA, ticketing, and support. We can administer a majority of our management such as firmware updates from our Sophos UTM manager. With many other products, this needs to be done and case by case basis.We also schedule weekly automatic backups of the clients UTM configuration. These backups are emailed to our support portal and preserved. We keep spare/loaner equipment in stock so if a client’s UTM has a catastrophic failure, we prep a spare unit, apply their most recent configuration, and within 5 minutes have a functioning loaner unit we can deliver while their warranty replacement is processed. A simple drive to the client’s location and a swap out is done which gets them back in business on the same day. You can also get a 30 day full trial license for appliance or software. My sales staff can place a 30 day trial of fully functional unit as part of a proof of concept.Room for Improvement:The unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. More predefined port rules would help the novice user/technician as well.Use of Solution:I have been a Sophos/Astaro Partner for over 10 years. I started with Astaro v6 and have continued with them following their acquisition by Sophos a few years ago. The product keep getting better and better. I have over 200 units I have installed and managed. I am currently selling the SG Series with UTM v9.309. The SG series have models that fit small business up to large enterprise environments.Alongside the hardware versions, we also use a virtualized version running UTM 9.Deployment Issues:The only issues I have, have been due to human error.Stability Issues:The solution is very stable if you size the unit to the environment. An SG125 is great for a 25 person office with web, email filtering, application control, etc. but it would not work well in a 100 person office. You need to know the proper sizing prior to deployment.Scalability Issues:As stated, unit needs to be scaled to the environment. So if I don’t do my job of understanding the client's environment, it is possible to undersize the unit just like every other product. For clients who are planning major growth, we tend to sell either a virtualized UTM or software base unit. Then it is simply a matter of adding license capacity, RAM, CPU, etc. when needed.Customer Service:They have a great account team and customer service is solid. 85% of the time the issues are resolved on the same day, and 97% by the next business day.Technical Support:They have excellent technical support. I can submit a ticket request via their portal, with a call, etc. I can get someone 24/7 and usually within an hour. They also have a great escalation procedure.Previous Solutions:I have used many, such as SonicWALL, Cisco, Juniper, WatchGuard, and FortiGate. Sophos is consistent and deep in their solutions and I like a consistent platform and support.Initial Setup:Simple small offices are a breeze. We have some template configurations, which only require us to stage and activate a license(s), install a basic template and modify the interfaces to meet client specifics and then add the unique definitions. More complex setups start with a basic template which even my technicians can load, and then require an engineer or security specialist to finish off.Implementation Team:We are a managed service provider (MSP) so we do it in-house for clients. We provide our customers with basic training and complete documentation package.ROI:As with most hardware, margins could always be better. I can get competitive pricing on larger deals. Our biggest ROI is the monthly management fee, which is very reasonable for our clients. Since we do all of our management (updates, reports, etc.) from the SUM we spend very little time on this and a technician can do it. It has a very good economy scaling and the annual subscription renewals are pretty standard with not much of a margin. This solution fits the MSP model very well due to it being a centralized control/management solution.Cost and Licensing Advice:A SoHo setup takes about an hour, which is US$125 and the monthly management/maintenance is US$30, but it all adds up.Other Solutions Considered:We have evaluated many* WatchGuard* SonicWALL* Cisco* FortiGate* Smoothwall, etc.Other Advice:The product has a shallow and a deep end. Getting a small business/SoHo running up quickly and reliably is straight forward, but the deep end takes some technical skills, just like any solution. What I really like is that my Tier One guys can get a quick status update, have a look very quickly, and then resolve most basic issues. Tiers two and three are not as involved unless there is a major issue or complexity. Also, when buying the product, get the audit/chance tracking built in too!Disclaimer: My company has a business relationship with this vendor other than being a customer:My company is a business partner. April 2, 2015

Rated 4 out of 5 by Sanket Dangi Sophos UTM helps us to control incoming and outgoing network traffic. Not a highly available and scalable product. Valuable Features:Valuable Features include Sophos Remote Access VPN, Country Based Firewall, Web Application Firewall, Ease of access (via browser) and Reporting.Improvements to My Organization:Sophos UTM helps us to control incoming and outgoing network traffic. It also helps employees connect to the AWS VPC environment from remote locations. Web application firewall protects applications from different hacking attempts like SQL Injection, Cross site scripting, Cookie signing, URL hardening etc. On top of that, it also helps the organization adhere to compliance rules and provides an audit trail of the environment.Room for Improvement:Sophos UTM is not a highly available and scalable product. Till now, it is a single point of failure.Use of Solution:2.5 years.Deployment Issues:No issues encountered. We had a very smooth deployment.Stability Issues:No issues with stability.Scalability Issues:Yes. Sophos UTM on AWS is not an scalable product. Sophos is actively working on scalability part from using a UTM manager which can control configuration deployment on multiple UTM'sCustomer Service:Customer service level is top notch.Technical Support:Very Good. All our queries were properly answered on time.Previous Solutions:Yes. Earlier, we had used Checkpoint. But the deployment procedure and user interface for Checkpoint was very complicated. The amount of time to invest in checkpoint is nearly 2x than Sophos. Checkpoint requires tool to be installed on your system while Sophos is a browser based tool.Initial Setup:It was a very straightforward setup. As it is a browser based tool, it helps administrator to access it from different location and system. We don't have to download desktop clients on our local system. Also, we can access this product from different operating systems (linux, windows and Mac).Implementation Team:We deployed it in-house.ROI:ROI for the product is very high. The cost of the product is based on the number of users and the licensing is not too expensive.Cost and Licensing Advice:On AWS, instances/servers are charged on hourly basis. The yearly licensing cost for 10 years is nearly around $200-300.Other Solutions Considered:While we were looking for deployment of UTM product on AWS in year 2011, there were only 2 stable products available in market i.e., Sophos and Checkpoint. We choose to go ahead with Sophos.Other Advice:Easy to use, Easy to access, good for compliance. It is a very good product as compared to others available on AWS.Disclaimer: I am a real user, and this review is based on my own experience and opinions. November 18, 2014